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I. Real Party in Interest 

The real party in interest in the appeal is: 

_ the party named in the caption of this brief. 
V the following party: 
ALCATEL 
54, rue La Boetie 
75008 Paris, FRANCE 
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II, Related Appeals and Interferences 

With respect to other appeals, interferences or judicial 

proceedings that will directly affect, or be directly affected by, or have 

a bearing on the Boards decision in this appeal: 

V there are no related appeals, interferences or judicial 

proceedings related to, which directly affect or may be directly affected 

by or have a bearing on the Board's decision in this pending Appeal 
_ these are as follows: 
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III. Status of Claims 

The status of the claims in this application is as follows: 

A. Total number of claims in Application 

Claims in the application are: 

Claims 1, 4-6 and 9, totaling five (5) claims. 

B. Status of all the claims: 

1. Claims cancelled: Claims 3, 7 and 8-12 

2. Claims withdrawn from consideration but not cancelled: none 

3. Claims pending: Claims 1, 4-6 and 9 

4. Claims allowed: none 

5. Claims rejected: Claims 1, 4-6 and 9 

C. Claims on Appeal. 

The claims on appeal are: Claims 1, 4-6 and 9 
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IV. Status of Amendments 

The status of amendments filed subsequent to the final 
rejection is as follows: 

Appellant respectfully submits that the amendment filed on 
October 9, 2008, rewriting claim 9 into independent form, and 
canceling claims 10-12, is pursuant to the provisions of 37 CFR § 1.116 
for removing issues for appeal, and therefore understands the 
amendment will be entered. 
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V, Summary of Claimed Subject Matter 
Claims 1 and 9 are the only independent claims in this appeal 
A concise explanation of the subject matter of independent claims 1 and 9 
is presented in the following two (2) tables, one table for each claim. Each table 
presents an element-limitation breakdown of one claim and identifies, according 
to paragraph numbers in the Specification and/or figure and item numbers in 
the drawings, disclosed illustrative examples of structure meeting the claim 
elements and limitations. 

Appellant respectfully states that the tables identify only illustrative 
examples, and do not necessarily identify the only claim breakdown or identify 
the only portions, or encompass all portions of Appellant's disclosure meeting 
the table's recited claim elements and limitations. Appellant respectfully states 
that the tables are not any disclaimer of claim scope or claimable subject 
matter. 



Claim 1 


Disclosed Illustrative Example 


A method of authenticating end-user 
clients requiring access to services 
available in a computer-based 
communication system, comprising 
the steps of: 


Figs. 1, 3 and 4 show example 
environments having end-user clients 
10, requiring access to computer-based 
communication systems. Fig. 2 shows 
a functional block diagram of an 
example of the claimed method. 


(a) at an authentication server 
connected in said communication 


Fig. 1 shows a client 10 and an 
authentication server 11. Fig. 1 blocks 
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Claim 1 


Disclosed Illustrative Example 


system, defining a list of 
authentication modules available in 
said communication system, and 

mapping said authentication 
modules to authenticating domain 
identifiers associated to end-user 
clients of said authentication server, 
wherein said authenticating domain 
identifiers each comprise an 
application service identifier; 


13 and 13' show defined authentication 
modules available to the computer- 
based communication system. 

Fig. 1 shows a client 10 and an 
authentication server 11. Fig. 1 block 
50 shows the stored mapping of 
authentication domain identifiers to 
authentication modules. The 
Specification at paragraph [0020] 
describes the mapping of 
authentication modules to 
authentication domain identifiers. 


b) sending, by an end-user client, a 
respective authentication domain 
identifier to said authentication 
server; 


Fig. 1 shows a client 10 and an 
authentication server 11. Fig. 2 block 
20 shows the end-user client sending a 
respective authentication domain 
identifier. The Specification at 
paragraph 23 describes an example 
operation of the end-user client 
sending the respective authentication 
domain identifier to the server. 
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Claim 1 


Disclosed Illustrative Example 


c) creating, by the authentication 
server and depending on the 
authentication domain identifier, an 
authentication stack specific to said 
end-user client, said stack 
comprising one or more stack entries, 
each mapped to a respective 
authentication module; 


Fig. 2 block 21 shows the 
authentication retrieving a stack 
configuration using the authentication 
domain identifier received from block 
20. The Specification at paragraph 
[0020] describes an example of the 
authentication server building an 
authentication stack specific using the 
authentication domain identifier 
received from, for example Fig. 2, block 
20, and the mapping stored at Fig. 1, 
block 50. 


d) rendering, for each stack entry 
and depending thereon, an 
authentication service provided at 
said respective authentication 
module to produce an authentication 
result for that entry; and 


Fig. 2 at blocks 22, 23, 24, 25, 26, 27, 
and 28 shows an example of the 
rendering of an authentication service 
for authentication module stack entry 
in the stack, and producing a result 
collected at block 30. The Specification 
at paragraphs [0021] - [0023] 
describes an example of the rendering, 
for each stack entry, of an 
authentication service. 


e) consolidating authentication 
results to obtain an authentication 
status for the end-user client. 

* 


Fig. 2 at block 30 shows an example of 
consolidating authentication results 
and, at blocks 31, 32 and 33, shows an 
example of obtaining an 
authentication status for the end user 
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Claim 1 


Disclosed Illustrative Example 


[repeated from previous page] 
e) consolidating authentication 
results to obtain an authentication 
status for the end-user client. 


client based on the consolidating. The 
Specification at paragraph [0021] of 
the consolidating authentication 
results to obtain an authentication 
status. 




Claim 4 


Disclosed Example 


The method as defined in claim 1 
wherein the authentication service 
includes local and remote services. 


Fig. 1, blocks 13 and 13' show local 
authentication services, blocks 14 and 
14' show remote authentication 
services. Fig. 2, blocks 26 and 27 show 
local and remote authentication 
services. The Specification at 
paragraph [0018] describes an 
example of the authentication services 
being local and remote. 




Claim 5 


Disclosed Example 


The method as defined in claim 4 
wherein the local and remote services 
include but are not limited . to 
biometric schemes, cryptographic 
hardware services, smart cards and 
USB tokens. 


The Specification at paragraph 
[0018] describes an example of the 
local and remote authentication 
services including biometric 
schemes, cryptographic hardware 
services, smart cards and USB 
tokens. 
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Claim 6 


Disclosed Example 


The method as defined in claim 1 
further comprising, sending a unique 
session identifier to the end-user 
client responsive to an authentication 
status corresponding to a successful 
authentication. 


Fig. 2, block 32 shows an example 
of sending a unique session 
identifier to the end-user client in 
response to the authentication 
status, see Fig. 2 block 31. The 
Specification at paragraph [0021] 
describes an example of sending a 
unique session identifier to the end- 
user client in response to the 
authentication status. 




Claim 9 


Disclosed Illustrative Example 


A system for authenticating an end- 
user client in a computer-based 
communication system comprising: 


Figs. 1-4 


means, at the end-user client, for 
sending an authenticating domain 
identifier to an authentication 
server, wherein said authenticating 
domain identifier comprises an 
application service identifier; 


Fig. 1, block 10, and at Fig. 3, example 
"NE1 ... NE3" shows an end-user 
client configured as shown at, for 
example, Fig. 2, block 20, showing the 
end-user client sending a respective 
authentication domain identifier. The 
Specification at paragraph 23 
describes an example operation of the 
end-user client sending the respective 
authentication domain identifier to the 
server. 
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Claim 9 


Disclosed Illustrative Example 


means, at the authentication server 
and depending on the authentication 
domain identifier, for creating an 
authentication stack comprising one 
or more stack entries; 


Fig. 1, block 11, and Fig. 3, example 
"5620 NMS," shows an authentication 
server configured as shown at, for 
example, Fig. 2, at block 21 showing 
the authentication retrieving a stack 
configuration using the authentication 
domain identifier received from block 
20. The Specification at paragraph 
[0020] describes an example of the 
authentication server building an 
authentication stack specific using the 
authentication domain identifier 
received from, for example Fig. 2, block 
20, and the mapping stored at Fig, 1, 
block 50. 


means for rendering, for each stack 
entry and depending thereon, an 
authentication service to produce an 
authentication result for that entry; 
and 


Fig. 1, block 11, and Fig. 4, example 
"5620 NMS" shows an authentication 
server configured as shown at, for 
example, Fig. 2 at blocks 22, 23, 24, 25, 
26, 27, and 28 shows an example of the 
rendering of an authentication service 
for authentication module stack entry 
in the stack, and producing a result 
collected at block 30. The Specification 
at paragraphs [0021] - [0023] 
describes an example of the rendering, 
for each stack entry, of an 
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Claim 9 


Disclosed Illustrative Example 




authentication service. 


means for consolidating 
authentication results to obtain an 
authentication status for the end- 
user client. 


Fig. 1, block 11, and Fig. 4, example 
"5620 NMS" shows an authentication 
server configured as shown at, for 
example, Fig. 2 at block 30, showing 
an example of consolidating 
authentication results and, at blocks 
31, 32 and 33, showing an example of 
obtaining an authentication status for 
the end user client based on the 
consolidating. The Specification at 
paragraph [0021] of the consolidating 
authentication results to obtain an 
authentication status 


wherein the authentication server, 
dependent on the application ID, 
retrieves a configuration specifying 
how to create the authentication 
stack. 


Fig. 2 block 21 shows the 
authentication retrieving a stack 
configuration using the authentication 
domain identifier received from block 
20, the configuration specifying how to 
create the authentication stack. The 
Specification at paragraph [0020] 
describes an example of the 
authentication server building an 
authentication stack specific using the 
authentication domain identifier 
received from, for example Fig. 2, block 
20. 
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VI. Grounds of Rejection to be Reviewed on Appeal 

The grounds of rejection to be reviewed on appeal are as follows: 

1. Claim 1 being rejected under 35 U.S.C. § 102(e) as being anticipated by U.S. 
Patent No. 7,017,051 ("Patrick"). Final Rejection, at pp. 3-4. 

2. Claims 4 and 5 being rejected under 35 U.S.C. § 103(a) as being unpatentable 
over Patrick in view of U.S. Publication No. 2003/0012382 Al ('Ferchichi"). 
Final Rejection, at pp. 5-6. 

3. Claim 6 being rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Patrick in view of U.S. Patent No. 6,587,880 C'Saigo"). Final Rejection, at p. 6. 

4. Claim 9 being rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Ferchichi in view of U.S. Publication No. 2003/0154373 Al ("Shimada"). Final 
Rejection, at pp. 6-7. 
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Argument VIIA. Rejections Under 35 U.S.C. §112, first paragraph 
There are no rejections under 35 U.S.C. §112, first paragraph. 
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Argument VIIB. Rejections Under 35 U.S.C. §112, second paragraph 
There are no rejections under 35 U.S.C. §112, second paragraph. 
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Argument VIIC. Rejections Under 35 U.S.C. § 102 

Claim 1 is the only claim in this appeal that stands rejected under 35 
U.S.C. § 102. 

Appellant respectfully submits the Examiner is in error in rejecting claim 
1 under 35 U.S.C. § 102(e), as allegedly anticipated by U.S. Patent No. 
7,017,051 (" 'Patrick"). 

Appellant respectfully submits the Examiner's position is not consistent 
with the broadest reasonable meaning of the claim 1 language. 

Appellant respectfully submits, in addition, the Examiner's position relies 
on Patrick as a teaching of claim elements that, after proper interpretation of 
the claim language, would not be understood by persons of ordinary skill in the 
art as disclosed by that reference. 

Claim 1 recites, in combination with other elements: 

a) mapping said authentication modules to authenticating 
domain identifiers associated to end-user clients of said 
authentication server. 

b) sending, by an end-user client, a respective 
authentication domain identifier to said authentication 
server; and 

c) creating, by the authentication server and depending on 
the authentication domain identifier, an authentication 
stack specific to said end-user client, said stack 
comprising one or more stack entries, each mapped to a 
respective authentication module 

Section VIII, Appendix of Claims, claim 1, at lines 4-15. 
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The specification describes, among other features, that "the present 
invention provides ... aggregating various kinds of authentication mechanisms 
... into a centralized authentication stack." Specification, at paragraph [0025]. 

Appellant submits that, in examination before the PTO, the pending 
claims must be 'given their broadest reasonable interpretation consistent with 
the specification/" MPEP § 21111, quoting Phillips v. AWH Corp., 415 F.3d 
1303, 75 USPQ2d 1321 (Fed. Cir. 2005) 

'This means that the words of the claim must be given their plain 
meaning unless the plain meaning is inconsistent with the specification/' MPEP 
§ 2111.01(1), quoting In re Zletz, 893 F.2d 319, 321, 13 USPQ2d 1320, 1322 
(Fed. Cir. 1989); and Chef America, Inc. v. Lamb-Weston, Inc., 358 F.3d 1371, 
1372, 69 USPQ2d 1857 (Fed. Cir. 2004). 

The MPEP guidelines require that "[ordinary, simple English words 
whose meaning is clear and unquestionable, absent any indication that their 
use in a particular context changes their meaning, are construed to mean 
exactly what they say/' Id., at § 2111.01(1), citing Chef America v. Lamb-Weston, 
358 F.3d at 1372. 

The "plain meaning refers to 'the ordinary arid customary meaning of a 
claim term/' which may be evidenced by a variety of sources, including n the 
words of the claims themselves, [and] the remainder of the specification/' MPEP 
§ 2111(111), citing Phillips v. AWH, 415 F.3d at 1314, 75 USPQ2d at 1327. 
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Appellant's claim 1 recites the step of "mapping said authentication 
modules to authenticating domain identifiers associated to end-user clients of 
said authentication server" 

Appellant submits the record does not show the specification specially 
defines any of the "mapping" step's language, and therefore the broadest 
reasonable meaning is the plain meaning, i.e., ordinary and customary meaning 
as evidenced by, for example, the claims themselves and the specification. 
MPEP§ 2111.01(111). 

Appellant further submits that a person of ordinary skill in the art is 
presumed to understand that all instances within claim 1 of 'authentication 
domain identifier" have the same meaning. See Pods, Inc. v. Porta Stor, Inc., 
484 F.3d 1359 (Fed. Cir. 2007). 

Looking at the "sending" step, Appellant respectfully submits that 
applying conventional rules of grammar the recital of "respective" means: the 
"authentication domain identifier" is the "authentication domain identifier" 
associated with that "end user client" 

Looking next at the "creating* step, this recites the creating, at the 
authentication server of "an authentication stack specific to said end-user client 
... of one more stack entries" and recites the creating as "depending on the 
authentication domain identifier." Section VIII, Appendix of Claims, claim 1, at 
lines 12-14. The claim 1 "creating* step also recites: "each [of the stack entries] 
mapped to a respective authentication module." Id., at lines 14-15. 
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Appellant submits that a person of ordinary skill in the art, based on the 
recital of "mapped to a respective authentication module" will understand the 
plain meaning of the "authentication domain identifier 1 ' within the "creating 11 
step as being one of the "authentication domain identifiers" mapped, in the 
"mapping' step to associate with authentication modules 

Appellant therefore respectfully submits, in view of the meaning of the 
"mapping" and "sending" steps Appellant argues above that, reading the order 
of the steps of" mapping" "sending* and "creating" a person of ordinary skill in 
the art will clearly understand the claim \" creating step to mean: 

After the claim 1 "mapping step establishes its recited associations 
between the "authentication domain identifiers associated to end-user clients" 
and the "authentication modules" and after the claim 1 "sending step receives 
an "authentication domain identifiers" from an "end-user client" the server 
creates a stack of the authentication modules, the stack being both "specific to 
the end-user client" and created in a manner "depending on the [received] 
authentication domain identifier" 

Appellant respectfully submits the above-submitted meaning is the 
broadest reasonable meaning of the claim 1 "mapping" "sending and "creating. 

Turning to Patrick, Appellant respectfully submits that, properly 
interpreting the claim 1 steps of "mapping" "sending and "creating according 
to their broadest reasonable meanings, Patrick lacks all the following elements 
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of the claim: (i) the "mapping" step; (ii) the "sending" step; and (hi) the step of 
"creating ... an authentication stack." 

Patrick therefore cannot anticipate claim 1, because "a claim is 
anticipated only if each and every element as set forth in the claim is found, 
either expressly or inherently described, in a single prior art reference." MPEP § 
2131, quoting Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631, 
2 USPQ2d 1051, 1053 (Fed. Cir. 1987). 

The Examiner's position is that Patrick discloses subject matter within 
the meaning of the claim 1 defined step of "mapping." Final Action, p. 3, citing 
Patrick at col. 2, lines 60-67; col. 3, lines 1-3; and col. 8, lines 39-53. The 
Examiner's position is "that [Patrick at] column 3, lines 1-3 state[s] that ' 
'LoginContext 102 can consult configuration 106 to determine which specific 
login modules 11—118 to invoke in performing authentication of a subject."' 
Final Office Action at p. 2. 

The Examiner position goes further, stating that "[t]his [disclosure by 
Patrick] implies that the configuration 106 stores a previously determined 
mapping of subjects to required modules." Final Office Action at p. 2 

Appellant respectfully submits, with due respect to the Examiner, that 
the Examiner's position is in error. Appellant submits the Examiner's position 
is not supported by Patrick. Appellant submits the Examiner's position is not 
consistent with the broadest reasonable interpretation of the claim language. 
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Patrick recites at col. 2, lines 6-67 and col. 3, lines 1-3 that "a 
LoginContext 102 can consult configuration 106 to determine what specific 
modules to invoke." 

However, this recital by Patrick does meet the claim 1 elements of 
"mapping" "sending" or "creating" because Patrick discloses nothing of its 
"configuration 106" being constructed based on any "mapping" of associations 
between anything within the meaning of "authentication domain identifier' and 
anything within the meaning of "authentication modules" 

In fact, reading Patrick in its entirety, Patrick discloses nothing as to how 
the "configuration 106" is constructed. Appellant respectfully submits that 
Patrick discloses nothing more than the "configuration 106" being simply a 
given. 

Patrick describes at col. 2, lines 60-67, that "[a]n application invokes the 
LoginContext's login method to request authentication of a subject" and, "upon 
successful authentication," that "principals are associated with [the] subject." 
Patrick further describes "principals [being] associated with a subject" at col. 8, 
lines 39-53 - a section which the Examiner cites as showing the claim 1 
"mapping." 

However, these disclosures by Patrick pertain to various relationships 
between principals, groups and subjects and, referring back to Patrick at col. 2, 
lines 60-67, these relate to entities associated with an application after 
successful authentication. 
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Appellant respectfully submits, reading all of the cited sections of Patrick, 
and reading Patrick in its entirety, that Patrick discloses nothing of, and 
nothing suggesting toward, the configuration 106" being created based on any 
identifier of the application 100. 

Further, Patrick's "associations]" at col 2, lines 60-67, and at col. 8, lines 
39-53 - which are the sections the Examiner cites as showing the claim 1 
"mapping" - are disclosed by Patrick as among subjects (including applications) 
and principals. Patrick does not disclose any association between Patrick's 
"subjects" and Patrick's modules 110-118. 

Further, according to Patrick these associations are used only after 
successful authentication. See Patrick, at col. 2, lines 60-67, and at col 8, lines 
39-53. 

Appellant respectfully submits, for the foregoing reasons, that Patrick 
discloses nothing within the broadest reasonable meaning of the claim 1 
"mapping* step. 

Likewise, Patrick discloses nothing within the broadest reasonable 
meaning of the "sending" step; Patrick discloses "applications" but nowhere 
describes "applications' as having an identifier. 

Regarding the claim 1 "creating" step, the step is defined as depending on 
the "authentication domain identifier" that is received at its "sending" step and, 

Patrick shows nothing within the meaning of the "mapping' step and 
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therefore does not, and cannot disclose or suggest toward the claim 1 step of: 
"creating ...an authentication stack." 

Appellant, for the foregoing reasons, respectfully requests the rejection of 
claim 1 be reversed. 
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Argument VIID. Rejections Under 35 U.S.C. § 103 

. 1. Claims 4 and 5 
Appellant respectfully submits the Examiner's rejection of claims 4 and 5 
under 35 U.S.C. § 103(a) as being unpatentable over Patrick U.S. in view of 
Patrick in view of U.S. Publication No. 2003/0012382 Al ("Ferchichi") is in 
error. 

Appellant first submits that claims 4 and 5 depend from claim 1. 

Appellant respectfully incorporates by reference and hereby restates, as if 
set forth here in the entirety, all of Appellant's arguments at Section VIID (2) 
hereinabove regarding base claim 1 and Patrick. 

Appellant's dependent claim 4 defines a combination having all elements 
of base claim 1, with the claim 4 elements combined as recited by the claim. 

Likewise, dependent claim 5 depends from claim 4 and, therefore, defines 
a combination having all elements of its base claim 1 and intervening claim 4, 
with the claim 5 elements combined as recited by the claim. 

The Examiner's position in rejecting dependent claim 4 is that Ferchichi 
discloses remote services. Final Action at p. 5. 

The Examiner's position in rejecting dependent claim 5 is that Ferchichi 
discloses assorted local and remote authentication services including biometrics, 
cryptographic hardware, smart cards and USB tokens. Final Action at pp. 5-6. 

Regarding claim 4, Appellant respectfully submits that a prior art 
disclosure, such as Ferchichi, of various assorted local and remote 
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authentication services does not constitute any disclosure of, or any suggestion 
toward the claim 1 "mapping" step, or the claim 1 "creating" step. 

Regarding claim 5, Appellant respectfully submits that a prior art 
disclosure, such as Ferchichi, of various assorted local and remote 
authentication services such as biometrics, cryptographic hardware, smart 
cards and USB tokens does not constitute any disclosure of, or any suggestion 
toward the claim 1 "mapping" step, or the claim 1 "creating" step. 

Appellant further submits that the collected teachings of Patrick and 
Ferchichi fail to support any rationale for combining and modifying their 
respective disclosures to meet claim 6 that is listed under the MPEP § 2141 
guidelines for combining and modifying art under KSR v. Tele flex., 127 S.Ct. at 
1740. 

For example, a rationale of "combining prior art elements according to 
known methods to yield predictable results," -MPEP § 2141(III)(A), cannot be 
shown, because the collected teachings of Patrick and Ferchichi lack the 
"mapping" and "creating 5 ' elements of claim 1 and, further, their collection 
shows nothing of "known methods" for combining what they do not disclose. 

As another example, the rationale of "[s]imple substitution of one known 
element for another to obtain predictable results," MPEP § 2141(III)(B), cannot 
be shown, because the collected teachings of Patrick and Ferchichi lack the 
"mapping" and "creating" elements of claim 1 and, further, this collection has 
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nothing reasonably sufficient as objective evidence of any simple substitution 
into one another of the subject matter that they collectively lack. 

As another example, the rationale of n [o]bvious to try - choosing from a 
finite number of identified, predictable solutions, with a reasonable expectation 
of success/' MPEP § 2141(III)(E), cannot be shown, because there is nothing in 
the collected teachings of Patrick or Ferchichi showing a "finite number of 
identified, predictable solutions, with a reasonable expectation of success," in a 
direction toward claim 1. 

Appellant respectfully requests, for the foregoing reasons, that the 
rejection of claims 4 and 5 be reversed. 

2. Claim 6 

Appellant respectfully submits the Examiner is in error in the rejection of 
claim 6 under 35 U.S.C. § 103(a) as allegedly being unpatentable over Patrick in 
view of U.S. Patent No. 6,587,880 ("Saigo"). 

Appellant respectfully incorporates by reference and restates, as if set 
forth here in the entirety, all of Appellant's arguments regarding base claim 1, 
and the deficiencies of Patrick's disclosure as a reference in relation to the 
claim. 

Appellant's claim 6 depends from claim 1 and, therefore, defines a 
combination having all elements of its base claim 1, with added subject matter 
combined as recited at claim 6. 
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The Examiner's position in rejecting dependent claim 6 is that "Saigo 
discloses transmitting a session identifier to the user upon successful 
authentication. " Final Action at p. 6. 

Appellant respectfully submits the Examiner's position regarding claim 6 
does not remove the error in rejecting base claim 1. Stated more particularly, a 
prior art disclosure, such as Saigo, of transmitting a session identifies, does 
nothing to change the deficiency of the primary reference, Patrick, of lacking the 
claim 1 "mapping" step and the claim 1 11 creating' step. 

Appellant further submits that the Examiner's position on Saigo 
identifies nothing as being objective evidence of obviousness of the combination 
of elements defined by Appellant's base claim 1, or the combination of base 
claim 1 with the subject matter of claim 6. 

Appellant submits that the collected teachings of Patrick and Saigo fail to 
support any rationale for combining and modifying their respective disclosures 
to meet claim 6 that is listed under the MPEP § 2141 guidelines for combining 
and modifying art under KSR v. Telefax., 127 S.Ct. at 1740. 

For example, a rationale of "combining prior art elements according to 
known methods to yield predictable results," MPEP § 2141(III)(A), cannot be 
shown, because the collected teachings of Patrick and Saigo lack the "mapping" 
"sending* and "creating' elements of claim 1 and, further, the collection shows 
nothing of "known methods" for combining subject matter that the collection 
lacks. 
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As another example, the rationale of "[s]imple substitution of one known 
element for another to obtain predictable results," MPEP § 2141(III)(B), cannot 
be shown, because the collected teachings of Patrick and Saigo lack the 
"mapping" and "creating" elements of claim 1. Further, the collection of Patrick 
and Saigo has nothing that is objective evidence of any simple substitution into 
one another of the subject matter that they collectively lack. 

Further as example, the rationale of "[o]bvious to try - choosing from a 
finite number of identified, predictable solutions, with a reasonable expectation 
of success," MPEP § 2141(III)(E), cannot be shown, because there is nothing 
identified by the Examiner in the collected teachings of Patrick and Saigo 
showing a "finite number of identified, predictable solutions, with a reasonable 
expectation of success," in a direction toward claim 1. 

Appellant therefore respectfully requests that the rejection of claim 6 be 
reversed. 

C. Claim 9 

Appellant respectfully submits the Examiner's rejection of claim 9 under 
35 U.S.C, § 103(a) as being unpatentable over U.S. Publication No. 
2003/0012382 Al ^Ferchichi) in view of U.S. Publication No. 2003/0154373 Al 
CShimada") is in error. 

With respect to the primary reference, Ferchichi, the Examiner applies 
this reference to claim 9 further^o the Examiner's stated position in rejecting 
the now-canceled claim 7 (on which claim 9 was dependent prior to being 
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amended into the independent fo;*m in which it presently stands), as anticipated 
by Ferchichi under 35 U.S.C. § 102(e). See Final Action at pp. 4-7. 

All of the elements of the now-canceled claim 7 are included in the 
present claim 9, 

Appellant respectfully submits that the Examiner, in the rejection of 
claim 7, is in error by stating Ferchichi discloses, at its paragraphs [0012] - 
[0015] the claim 9 "means, at the authentication server and depending on the 
authentication domain identifier, for creating an authentication stack" 

The Examiner's statement is not consistent with the broadest reasonable 
meaning of this element's recited function. 

The function of the claim 7 (now claim 9) "means ...for creating;' element 
includes: (i) "at the authentication server ... creating an authentication stack" 
and (ii) the "creating ... depending on the authentication domain identifier" 
Section VIII, Appendix of Claims, claim 9, at lines 6-8. 

Ferchichi shows nothing capable of performing a function within this 
recited definition. 

Regarding part (i), i.e., "at the authentication server," the plain, broadest 
reasonable meaning of this claim 9 (examined claim 7) language is: at the 
authentication server. 

Ferchichi discloses nothing within the broadest reasonable meaning of 
this language. Ferchichi does not do anything at an authentication server; 
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Ferchichi does not have an authentication server. See Ferchichi at paragraph 
[0018]. 

Regarding part (ii), i.e., the "creating ... depending on the authentication 
domain identifier," the broadest reasonable meaning of this phrase is that the 
creating is performed in a manner depending on the authentication domain 
identifier. 

Ferchichi discloses nothing within the broadest reasonable meaning of 
this "creating" language, because Ferchichi does not form any stack of anything 
based on any identifier. Ferchichi provides a smart card having the 
authentication. See Ferchichi at paragraphs [0010] through [0020]. 

Appellant respectfully submits that interpreting Ferchichi s smart card 
as "creating an authentication stack depending on the authentication domain 
identifier" requires interpreting the claim language to include processor forming 
a stack using its pre -stored "stack" and using itself as an identifier. 

Appellant respectfully submits that such an interpretation is beyond the 
broadest reasonable interpretation of "creating an authentication stack ... 
depending on the authentication domain identifier." 

The examined claim 9 includes the clarifying language of: "wherein the 
authentication server, dependent on the application ID, retrieves a configuration 
specifying how to create the authentication stack. " Section VIII, Appendix of 
Claims, claim 9, at lines 13-14. 
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In the rejection of claim 9 the Examiner's states that Shimada at 
paragraph [0040] teaches the examined claim 9 recitations. Final Office Action 
at p. 7. 

Appellant respectfully submits that the Examiner's statement is not 
supported by any subject matter found in Shimada's disclosure - neither at 
paragraph [0040] or anywhere else in the reference. 

Appellant respectfully submits, with all due respect to the Examiner, that 
upon reading Shimada' s paragraph [0040], standing alone and in conjunction 
with the remaining paragraphs [0001] through [0039] and paragraphs [0041] 
through [0465] of the reference, Appellant cannot find support for the 
Examiners statement. 

Appellant submits that the collected teachings of Ferchichi and Shimada 
fail to support any rationale for combining and modifying their respective 
disclosures to meet claim 6 that is listed under the MPEP § 2141 guidelines for 
combining and modifying art under KSR v. Teleflex, 127 S.Ct. at 1740. 

For example, a rationale of "combining prior art elements according to 
known methods to yield predictable results," MPEP § 2141(III)(A), cannot be 
shown, because the collected teachings of Ferchichi and Shimada lack the 
"mapping" "sending" and "creating" elements of claim 1 and, further, the 
collection shows nothing of "known methods" for combining subject matter that 
the collection lacks. 
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As another example, the rationale of "[s]imple substitution of one known 
element for another to obtain predictable results," MPEP § 2141(III)(B), cannot 
be shown, because the collected teachings oiFerchichi and Shimada lack the 
"mapping" and "creating" elements of claim 1. Further, the collection of 
Ferchichi and Shimada has nothing that is objective evidence of any simple 
substitution into one another of the subject matter that they collectively lack. 

Further as example, the rationale of "[o]bvious to try - choosing from a 
finite number of identified, predictable solutions, with a reasonable expectation 
of success," MPEP § 2141(III)(E), cannot be shown, because there is nothing 
identified by the Examiner in the collected teachings of Ferchichi and Shimada 
showing a "finite number of identified, predictable solutions, with a reasonable 
expectation of success," in a direction toward claim 1. 

Appellant therefore respectfully requests the rejection of claim 9 be 
reversed. 
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Argument VIIE. Rejection Other Than 35 U.S.C. §§102, 103 and 112 

There are no rejections under statutes other than 35 U.S.C. § § 102, 1-3 
and 112. 
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VIII. Claims Appendix 



The text of the claims involved in the appeal is: 



1. A method of authenticating end-user clients requiring access to services 



2 



available in a computer-based communication system, comprising the steps 



3 



of: 



4 



a) at an authentication server connected in said communication 



5 system, defining a list of authentication modules available in said 

6 communication system, and mapping said authentication modules to 

7 authenticating domain identifiers associated to end-user clients of said 

8 authentication server, wherein said authenticating domain identifiers each 

9 comprise an application service identifier; 

10 b) sending, by an end-user client, a respective authentication domain 

1 1 identifier to said authentication server; 

12 c) creating, by the authentication server and depending on the 

13 authentication domain identifier, an authentication stack specific to said end- 

14 user client, said stack comprising one or more stack entries, each mapped to a 

15 respective authentication module; 

16 d) rendering, for each stack entry and depending thereon, an 

17 authentication service provided at said respective authentication module to 

18 produce an authentication result for that entry; and 
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e) consolidating authentication results to obtain an authentication 
status for the end-user client. 

4. The method as defined in claim 1 wherein the authentication service 
includes local and remote services. 

5. The method as defined in claim 4 wherein the local and remote services 
include but are not limited to biometric schemes, cryptographic hardware 
services, smart cards and USB tokens. 

6. The method as defined in claim 1 further comprising, sending a unique 
session identifier to the end-user client responsive to an authentication 
status corresponding to a successful authentication. 

9. A system for authenticating an end-user client in a computer-based 
communication system comprising: 

means, at the end-user client, for sending an authenticating domain 
identifier to an authentication server, wherein said authenticating domain 
identifier comprises an application service identifier; 

means, at the authentication server and depending on the 
authentication domain identifier, for creating an authentication stack 
comprising one or more stack entries; 
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means for rendering, for each stack entry and depending thereon, an 
authentication service to produce an authentication result for that entry; and 
means for consolidating authentication results to obtain an authentication 
status for the end-user client 

wherein the authentication server, dependent on the application ID, 
retrieves a configuration specifying how to create the authentication stack. 
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DC. Evidence Appendix 

There is no additional evidence on which Appellant relies in this 
Appeal. 
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X. Related Proceedings Appendk 

There are no related proceedings involving this application. 



KRAMER & AMADO, P.C. 
1725 Duke Street, Suite 240 
Alexandria, VA 22314 
Phone: 703-519-9801 
Fax: 703-519-9802 



Respectfully submitted, 
Kramer & Amado, P.C. 



Date: November 10. 2008 




Terry W. Kramer 
Registration No.: 41,541 



39 



